Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add note to Traces/README about possible malware in pe/pe.trace

Browse source
This commit is contained in:
Tim Wojtulewicz 2025-01-30 13:28:35 -07:00
parent 430e3ab940
commit a5b0a9467d
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/Traces/README
View file

@ -39,3 +39,7 @@ Trace Index/Sources:
- http/docker-http-upgrade.pcap - http/docker-http-upgrade.pcap
Provided by blightzero on #4068 Provided by blightzero on #4068
https://github.com/zeek/zeek/issues/4068 https://github.com/zeek/zeek/issues/4068
- pe/pe.trace
VirusTotal reports that this file contains malware. The PE analyzer was originally added
to decode info for malware, so this is expected. See
https://zeekorg.slack.com/archives/CSZBXF6TH/p1738261449655049